Ditto
Review
Audited by ClawScan on May 10, 2026.
Overview
Ditto appears to be a real memory integration, but it deserves review because it can proactively store personal facts in a long-term external memory service.
Install only if you are comfortable with OpenClaw using HeyDitto as a long-term memory service. Consider telling the agent to save memories only when you explicitly ask, avoid storing sensitive personal facts, protect the Ditto API key, and confirm that Ditto provides review and deletion controls for saved memories.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could save personal information to the user's Ditto account without the user explicitly asking for that specific item to be remembered.
The agent is instructed to run a write action not only on explicit user requests, but also when it decides something is worth saving.
Explicit save request, or you spotted a durable fact worth keeping.
Require explicit user confirmation before proactive saves, especially for personal, sensitive, or relationship-related facts.

Incorrect, overly broad, or sensitive memories could persist and influence future assistant behavior.
This creates persistent memory from broad categories of user information and allows future reuse across tasks without clearly documented scoping or pre-save consent.
Use for explicit save requests, and proactively for durable preferences, decisions, relationships, or facts.
Use a clear save policy, ask before storing new memories, and provide users with review and deletion options for stored memories.

Anyone with the API key may be able to access or modify the user's Ditto memories through the CLI/API.
The skill needs an account API key to access the user's Ditto memory graph; this is expected, but users should understand the credential grants account access.
Auth is via API key — stored in `~/.config/heyditto/cli/config.json` (preferred) or `DITTO_API_KEY` env (override).
Protect the API key, rotate it if exposed, and avoid pasting it anywhere except the intended setup flow.

Installing the skill also trusts the external CLI package and its updates to handle memories and credentials correctly.
The skill depends on an external npm CLI package whose code is not included in the supplied artifacts.
node | package: @heyditto/cli | creates binaries: ditto
Install only from the official package/source, keep it updated, and review the linked CLI repository if supply-chain assurance matters.
